Shouldn't User Tracking Advertising Be Opt-In?At least one UK ISP seems to think so... ( old news - 12:22PM Monday Mar 10 2008) tags: business · privacyWe've been tracking the growing number of advertising firms who are using deep packet inspection gear on the ISP network to track which websites you visit, in order to send you targeted advertisements. While it's a nice deal for ISPs who make additional revenue, and a nice deal for the companies in question ( NebuAD, Phorm), it's not much of a deal for consumers, who won't see lower broadband prices and get the added bonus of privacy worries. We've talked with NebuAD's CEO, who says ISPs at least have to alert their customers they're using it. The few ISPs we've seen deploy these services so far ( CenturyTEL comes to mind) haven't exactly been noisy about it, and usually implement the service so it's opt-out only. Reacting to customer concerns, one British ISP named TalkTalk says they're making it opt-in only. They address concerns in the ISPs forums: We are committed to running a trial with Phorm, but with two very important conditions. Firstly, it will be an Opt In, not an Opt Out service. This means you will have to proactively choose to be a participant of the service. Secondly, those who have not chosen to participate will not ever come into contact with any Phorm equipment hosted within Talktalk. Details of who has membership of Phorm will be maintained in our network, and only those who have chosen to participate will be passed to Phorm. By making the service opt-in, the ISP says the "onus remains firmly with Phorm to make the service useful." In contrast to NebuAD, Phorm is trying to convince UK customers the service isn't just about making cash off of your clicks -- by trying to pass it off as an anti-phishing service. That's not comforting to those who know that Phorm used to be named 121Media and was in the business of making rootkits. If U.S. customers aren't going to see price cuts thanks to the added revenue these services provide, it would at least be nice to see them implemented as opt-in. Of course if it's opt-in most customers won't use it, which threatens the added revenue ISPs receive. TalkTalk's decision is a nice glimmer of integrity and customer respect that's unlikely to be mirrored here across the pond.
Related:- AT&T No Longer Wants Kevin Mitnick As A Customer
- No, Obama Isn't Taking Over The Internets
- Verizon Named Most Trusted Company With Your Privacy. Really?
- Senators Push To Strip Telco Immunity
- Shocker: Informed Consumers Want Privacy, Not Tailored Ads
- Government Stalls Handover Of Telco Immunity Lobbying Records
- Court: Uncle Sam Must Hand Over Immunity Lobbying Docs
- Obama Protects AT&T, Verizon Lobbying Records
|
 
packetscan
Premium
join:2004-10-19
Bridgeport, CT
clubs: | Privacy IF you want privacy.. Don't choose these isps.
Oh wait that's right many isps has a strangle hold on areas.
and force out competition so we really have no choice.
Thanks FCC!
--
Reach out and Tap someone! | |
|  | 
amigo_boy
join:2005-07-22
Tempe, AZ
 ·Cox HSI
 ·magicjack.com
| Re: Privacy said by packetscan  :IF you want privacy.. Don't choose these isps. I know you're being sarcastic. But, the ability to shop with your feet doesn't justify everything. Laws were passed describing under what circumstances communications companies can reveal details about their customers. I'm surprised this practice isn't covered by such laws. Even if it's aggregated behavioral information, it's still a detail about you. It's intended to target marketing to you.
I'm surprised 18 U.S.C. 2511 and 2702 don't apply. They're not limited to just disclosure to law enforcement.
»www4.law.cornell.edu/uscode/html···00-.html
»www4.law.cornell.edu/uscode/html···00-.html
Mark | |
| | | 
factchecker
@cox.net
| Re: Privacy said by amigo_boy :I'm surprised 18 U.S.C. 2511 and 2702 don't apply. They're not limited to just disclosure to law enforcement. For a poster that likes to play lawyer, you forget the myriad of state privacy laws that exist and muddy the waters even more... It isn't as simple as posting those two parts of the U.S.C., which may or may not apply, especially when you take into account that there are other federal laws that deal with privacy issues.
It would be nice if the legal ground was as simple as the links you have posted, but privacy legislation in this country is a disaster. | |
| | | |
amigo_boy
join:2005-07-22
Tempe, AZ
·Cox HSI
·magicjack.com
| Re: Privacy said by factchecker :
you forget the myriad of state privacy laws that exist and muddy the waters even more... Federal laws supersede state laws (Art. VI, Const.).
said by factchecker :
It isn't as simple as posting those two parts of the U.S.C., which may or may not apply, Remind me again, why don't they apply?
Mark | |
| | | | |
factchecker
@cox.net
| Re: Privacy said by amigo_boy :said by factchecker :
you forget the myriad of state privacy laws that exist and muddy the waters even more... Federal laws supersede state laws (Art. VI, Const.). Basic civics... However, you have missed the point entirely. The laws you posted are only a part of the question of privacy in the US.
As well, federal privacy laws on a whole are both vague and general, while state laws are more specific, the exceptions being certain laws governing finance and HIPAA. Privacy laws vary from state to state because there are no federal statutes that supersede all of the points covered by state laws.
said by factchecker :
It isn't as simple as posting those two parts of the U.S.C., which may or may not apply, Remind me again, why don't they apply? | |
| | | | | |
amigo_boy
join:2005-07-22
Tempe, AZ
·Cox HSI
·magicjack.com
| Re: Privacy said by factchecker :
Partly because you have not demonstrated that they apply, you have only stated that you interpret them in such a manner. References and judgments that interpret the law the same way that you do would help.
Theofel v. Farey-Jones, 341 F.3d 978, 982 (9th Cir. 2003). It "reflects Congress’s judgment that users have a legitimate interest in the confidentiality of communications in electronic storage at a communications facility." Id. at 982.
That's why I said "I'm surprised 18 U.S.C. 2511 and 2702 don't apply."
Mark | |
| | | | | | |
factchecker
@cox.net
| Re: Privacy said by amigo_boy :Theofel v. Farey-Jones, 341 F.3d 978, 982 (9th Cir. 2003). It "reflects Congress’s judgment that users have a legitimate interest in the confidentiality of communications in electronic storage at a communications facility." Id. at 982. That's why I said "I'm surprised 18 U.S.C. 2511 and 2702 don't apply." Okay, I see where you are going...
The reason I think they can currently get around that, based on the quick research I did on the case and a second glance at the law is because (a) the full contents of the message and information intercepted are never disclosed or recoverable and (b) the information intercepted can not be traced to a specific person (there are no names or user names to track down people). IP addresses could be used, but in most system, they change often enough that using them isn't reliable means of getting someone's identity, especially since providers probably (that we know of) are not giving Phorm, NebuAd and other companies wholesale access to their RADIUS servers.
The data is basically "anonymized" to a point that must be sufficient under law. As well, the intercepted packets are processed auto-magically and then deleted, meaning that no one actively digs through them. Since no one actually sees what is intercepted, they could legally argue that they aren't in violation of the law because technically, "privacy" still exists.
Whether that is right or wrong or people agree/disagree with it, I'd wager that is how they comply with or circumvent the law... | |
| | | | | | | |
amigo_boy
join:2005-07-22
Tempe, AZ
·Cox HSI
·magicjack.com
| Re: Privacy said by factchecker :
(a) the full contents of the message and information intercepted are never disclosed or recoverable and (b) the information intercepted can not be traced to a specific person (there are no names or user names to track down people).
Regarding "divulge content," would aggregated or anonymized information (relatable to an individual by IP or cookie) be covered as a "customer record" by Section C? It says a communication provider "may divulge a record or other information pertaining to a subscriber to or customer of such service" under enumerated conditions.
I guess it boils down to whether disclosing a summary of someone's activity and content (where they go, what they say or buy) is disclosure of content. If I summarize to you that Mr. Jones goes to certain types of sites, and uses certain IDs, and says certain things, and buys certain types of books... Is that what Congress had in mind as protecting your privacy because the actual content wasn't divulged?
I'm surprised it doesn't apply. If it doesn't, it seems like it should be (relatively) easy to amend. The spirit of the law is there. It just was written at a time when the envelope wasn't being pushed like it is now.
Mark | |
| | 
swhx7
Premium
join:2006-07-23
Elbonia
·RoadRunner Cable
| The important issue is not whether it's opt-in or opt-out. The real problem is that the ISP is diverting the customer's traffic into the 3rd-party machine. (See this link »www.theregister.co.uk/2008/03/07···rtegrul/ for a full explanation of how it works.)
Yes, Phorm claims that it anonymizes the data, and that the company is audited, and so on. But I predict that as soon as the publicity fades, the company will change the terms and start data-mining without any restraints - including personal information. Besides, the ISP can at any time contract with some other company that offers money for subscribers' data, and it may not even promise respect for privacy like Phorm.
This does need to be restrained by law. I don't think many users would agree to it if they were given a chance to opt in or out, with full information, separately from the ISP contract. | |
| 
W8ASA
Tieng gi vay?
join:2000-07-31
Dayton, OH
clubs: | Open DNS and a good Hosts File.... do wonders for me. I get far fewer ads on pages I visit because of them. In general, if an ad does not originate from the actual domain I'm visiting, it gets blocked.
--
Microwave and RF Components at www.ohiomicrowave.com | |
| | 
AnonProxy
Proxy of Anon
Premium
join:2001-05-12
ß | Re: Open DNS and a good Hosts File.... Open DNS and ad block does not stop packet inspection from your ISP. It's like saying I use firefox and don't see ads.
You don't see them but a lot of the value is not just in seeing the ads but selling your browsing habits. | |
| | | dualsub2006
join:2007-07-18
Newport, KY
·Vonage
·Insight Communicat..
| Re: Open DNS and a good Hosts File.... But if enough people block the ads then your browsing habits are worthless. It isn't worth buying my browsing history if you cannot serve me ads based on that information.
If there were no value in the data the data would be unsold. It's easy really. Given the free options that exist to keep your ISP from thrusting this kind of intrusion on you there is really no excuse for this.
Again, if these companies could not make money by serving ads from the purchase of this data then they would not buy it. Simple. | |
| | | | | | | Necronomikro
join:2005-09-01
| Re: Open DNS and a good Hosts File.... said by amigo_boy :said by AnonProxy :You don't see them but a lot of the value is not just in seeing the ads but selling your browsing habits. Semi-related question: I just began using Adblock Plus (» adblockplus.org/en/). Does it block the cookies associated with ads, or just the image display? Mark It can, if you subscribe to one of the helper lists that specify that it helps block tracking sites. | |
| | 
dvd536
as Mr. Pink as they come
Premium
join:2001-04-27
Phoenix, AZ | opendns also gets redirects!
4.2.2.1
4.2.2.2 for "clean lookups"
--
You can never be too rich, too thin or have too much Bandwidth | |
| 
GOLFnSUN
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
·Comcast
|  Ad profits drive action by web companies
»bits.blogs.nytimes.com/2008/03/0···&emc=rss
In a few weeks, AOL plans to roll out an ad campaign featuring a penguin to educate its users on ad targeting. (Yes, a penguin.) AOL says it’s hard to communicate all the in’s and out’s of targeting because they’re technical. quote:
article shows example of the penguin ads AOL will be using
A new analysis of online consumer data shows that large Web companies are learning more about people than ever from what they search for and do on the Internet, gathering clues about the tastes and preferences of a typical user several hundred times a month.
The analysis, conducted for The New York Times by the research firm comScore, provides what advertising executives say is the first broad estimate of the amount of consumer data that is transmitted to Internet companies.
Privacy advocates have previously sounded alarms about the practices of Internet companies and provided vague estimates about the volume of data they collect, but they did not give comprehensive figures.
Web companies once could monitor the actions of consumers only on their own sites. But over the last couple of years, the Internet giants have spread their reach by acting as intermediaries that place ads on thousands of Web sites, and now can follow people’s activities on far more sites.
ComScore analyzed 15 major media companies’ potential to collect online data in December. The analysis captured how many searches, display ads, videos and page views occurred on those sites and estimated the number of ads shown in their ad networks.
These actions represented “data transmission events” — times when consumer data was zapped back to the Web companies’ servers. Five large Web operations — Yahoo, Google, Microsoft, AOL and MySpace — record at least 336 billion transmission events in a month, not counting their ad networks.
Even with all the data Web companies have, they are finding ways to obtain more. The giant Internet portals have been buying ad-delivery companies like DoubleClick and Atlas, which have stockpiles of information. Atlas, for example, delivers 6 billion ads every day. The comScore figures do not capture such data.
A study of California adults last year found that 85 percent thought sites should not be allowed to track their behavior around the Web to show them ads, according to the Samuelson Law, Technology & Public Policy Clinic at the University of California at Berkeley, which conducted the study. People may not like it, but it hasn't slowed the growth of data collection one bit.
--
My BLOG .. .. Internet News .. .. My Web Page | |
| openbox9
join:2004-01-26
Alexandria, VA
 ·AT&T Southeast
| Read Your ISP's "Privacy" Statement Most of these actions are covered in the privacy statements that you implicitly agree by receiving the statement and not opting out. This is not different than a company obtaining your "consent" via their privacy statement to sell your information to their "marketing partners". Sadly, a majority of people ignore ToS, AUP, Privacy Statements, etc. and just pay their monthly bills with no comprehension of what they've agreed to. | |
| |
amigo_boy
join:2005-07-22
Tempe, AZ
·Cox HSI
·magicjack.com
| Re: Read Your ISP's "Privacy" Statement said by openbox9 :This is not different than a company obtaining your "consent" via their privacy statement to sell your information to their "marketing partners". I think there's a difference between eTrade selling my name and address to their partners (to target investment products to me in junk mail) and them selling specific information about my investments, trades, how much money I have, the financial institutions I transfer it to/from.
That's why I think those two laws mentioned earlier in the thread apply (or should apply). What ISPs are doing is essentially disclosing details about your communications (not just your subscription).
Mark | |
| | ross
join:2000-08-16
·Digizip
| said by openbox9 :Most of these actions are covered in the privacy statements that you implicitly agree by receiving the statement and not opting out. This is not different than a company obtaining your "consent" via their privacy statement to sell your information to their "marketing partners". Sadly, a majority of people ignore ToS, AUP, Privacy Statements, etc. and just pay their monthly bills with no comprehension of what they've agreed to. Are you implying consumers/customers actually have a choice in the matter, or that terms are negotiated with your ISP? Do you mean to imply there are laws which protect consumers/customers from these predatory business practices? People have little choice among ISPs, and even less choice re the terms of ISP services. This entire subject begs for legislative action. Especially, since the FCC and FTC have chosen to look the other way. | |
| | | openbox9
join:2004-01-26
Alexandria, VA
·AT&T Southeast
| Re: Read Your ISP's "Privacy" Statement I'm implying that you have options to opt out of a lot of things that ISPs (and many other businesses) do with some of your personal information. I'm also implying that if you as a consumer don't take action to protect yourself as much as possible, then you shouldn't expect anybody else to do so? As for choice, there's always a choice. You might not like your option(s), but you do have an option to choose. Why are many people so eager to jump on the legislation bandwagon? | |
| | | |
amigo_boy
join:2005-07-22
Tempe, AZ
·Cox HSI
·magicjack.com
| Re: Read Your ISP's "Privacy" Statement said by openbox9 :Why are many people so eager to jump on the legislation bandwagon? That ship left the harbor a long time ago. If you want to eliminate food and drug quality laws, building and zoning codes, banking regulations, the Securities and Exchange commission, societal creation of corporate entities, corporation commissions (the list goes forever) then I could understand your position (and it would place you in the realm of the irrelevant fringe).
Otherwise we've already established over the past 200 years that we're a society who believes markets work better with basic, uniform standards, not a raw "caveat emptor" environment.
Mark | |
| | | | SilverSurfer
join:2007-08-19
| said by openbox9 :I'm implying that you have options to opt out of a lot of things that ISPs (and many other businesses) do with some of your personal information. Said the person who has clearly never tried to opt-out of anything. If you did, then you would know that opting out does absolutely nothing to protect your information from disclosure as much as it serves as an implicit acknowledgment that you know it is occurring. | |
| | | | | openbox9
join:2004-01-26
Alexandria, VA
·AT&T Southeast
| Re: Read Your ISP's "Privacy" Statement I opt out of every "privacy" statement that I receive from my financial institutions and service providers. I receive very little "value added partner marketing" material. So, I'd say that opting out does help in that sense. Also, I'm not naive enough to believe that I have any real privacy, so I guess my implicit acknowledgement is irrelevant. | |
| | | | | | 
major marco
Res Firma Mitescere Nescit
Premium
join:2003-02-13
Stepford, CA
clubs:
1 edit | Re: Read Your ISP's "Privacy" Statement said by openbox9 :I opt out of every "privacy" statement that I receive from my financial institutions and service providers. I receive very little "value added partner marketing" material. So, I'd say that opting out does help in that sense. Also, I'm not naive enough to believe that I have any real privacy, so I guess my implicit acknowledgement is irrelevant. But opting out is, in fact, utterly useless. You jump through the company's hoops, and in the end, 6 months later, you get a post card letting you know that your info is still fair game to their trading partner and the bartering/selling of information is controlled by the federal and your state's privacy laws. And since most states don't have any privacy laws, and, the federal government certainly does have any either, specifically where financial data is concerned, you're still SOL, and, opting out is still a friggin' joke.
--
The Toll
Let's Go Flyers!
| |
| | | | | | | openbox9
join:2004-01-26
Alexandria, VA
·AT&T Southeast
| Re: Read Your ISP's "Privacy" Statement Ok, so don't opt out. I for one will continue opting out of items that I don't want part of because I do see a benefit. Even if it's every six months (not sure where that came from), it takes all of about 15 seconds to click the "opt out" button, or dial a phone number. | |
| | |
amigo_boy
join:2005-07-22
Tempe, AZ
·Cox HSI
·magicjack.com
| Re: While we are at it.... said by Nightfall :Its time to outlaw those stupid cards that some grocery stores use that enable you to save more off the price of your groceries. Just fill in bogus information in the application for the card. I happen to be Captain Nimrod, 45 E Adventure St, Apt -125.
I have a couple cards not tied to anyone because they let me take the application home (and I never returned it).
Mark | |
| | | ross
join:2000-08-16
·Digizip
| Re: While we are at it.... said by amigo_boy :Just fill in bogus information in the application for the card. I happen to be Captain Nimrod, 45 E Adventure St, Apt -125... Yes, you are...(couldn't resist a straight line like that one!) | |
| | | 
Titus Pullo
I came, I saw, I slept
join:2004-06-26
·Embarq
| said by amigo_boy :said by Nightfall :Its time to outlaw those stupid cards that some grocery stores use that enable you to save more off the price of your groceries. Just fill in bogus information in the application for the card. I happen to be Captain Nimrod, 45 E Adventure St, Apt -125. I have a couple cards not tied to anyone because they let me take the application home (and I never returned it). And don't forget to return all those postage-paid return envelopes you get with junk mail so the company that sends them is sure to pay the postage. Just be sure not to ID yourself. Big Brother IS watching 
-- | |
| | | | 
csiemers
join:2000-09-16
Portland, OR
| Re: While we are at it.... said by Titus Pullo :And don't forget to return all those postage-paid return envelopes you get with junk mail so the company that sends them is sure to pay the postage. Just be sure not to ID yourself. Big Brother IS watching -- Actually, I take all the contents (including the original envelope) and put credit card offers in their postage-paid envelope and send them back. I noticed that after I did that for a couple months the amount of credit card offers drastically reduced.
--
»www.wwiivehicles.com
World War II Vehicles and Advanced Squad Leader | |
| | | | | | | | | | |
Fahrt Bendar
@comcast.net | Re: While we are at it.... Albertson's cards are alive and well.. its the only way you can get the sale price! | |
| | 
Noah Vail
Premium
join:2004-12-10
Lorton, VA
·RoadRunner Cable
| said by Nightfall :Its time to outlaw those stupid cards that some grocery stores use that enable you to save more off the price of your groceries. We have a local store that likes to bring the price of a grocery product down .20 cents if you have their card. What they don't tell you is that the card tracks your eating habits and they sell those to whomever they please or use it themselves. A Law Enforcement Officer I knew was building up a year supply of stuff; about 8 years ago (preSept11). He was purchasing cases of stuff from one of the chain grocery stores.
Some weeks later, he was ordered to report to the investigative arm of the State Law Enforcement Agency to explain a bulk purchase of cleaner and some other on the shelf product. Apparently they could be used to cobble together some bit of nastiness.
Later he went back and checked his receipt on the purchase and confirmed that he had paid cash that day, but had used his shopping card.
The store never felt compelled to mention it's arrangement with BigBro in the card agreement.
NV
--
Abortion: A Republican Plot to Thin the Liberal Herd. | |
| kelso
join:2007-04-06
Ashburn, VA
| privoxy free, hope it helps I use privoxy on my home network.
Sure hope it helps with privacy.
I sure does help cut down on internet junk while I surf.
Free utility at »www.privoxy.org
Wikipedia description at »en.wikipedia.org/wiki/Privoxy | |
| 
hopeflicker
Capitalism breeds greed
Premium
join:2003-04-03
Long Beach, CA
| Another reason... that captiolism isn't always good.
Captiolism works mostly in favor of big business.
**anticipates the move to china or commie comments to soon follow** 
--
Religion does three things quite effectively: Divides people, Controls people, Deludes people. | |
| | openbox9
join:2004-01-26
Alexandria, VA
·AT&T Southeast
| Re: Another reason... said by hopeflicker :**anticipates the move to china or commie comments to soon follow** Nah, you're welcome to stay here as long as I can maintain class separation and continue to make my wealth off of your sweat and hard work | |
| | |
hopeflicker
Capitalism breeds greed
Premium
join:2003-04-03
Long Beach, CA
| Re: Another reason... and yet another reason that captiolism can be a bad thing; human exploitation
**again anticipates the "move to china" or "commie" comments to soon follow**
--
Religion does three things quite effectively: Divides people, Controls people, Deludes people. | |
| | | | |
hopeflicker
Capitalism breeds greed
Premium
join:2003-04-03
Long Beach, CA | Re: Another reason... OMG! u are able to detect spelling errors.
1 cookie for j00 | |
| | | Sammer
join:2005-12-22
Canonsburg, PA
| said by supergirl :Exactly what is "Captiolism"???? The best Congress money can buy! | |
|
dvd536
as Mr. Pink as they come
Premium
join:2001-04-27
Phoenix, AZ | But. . . . . Theres no MONEY in making the default "Opt-in". | |
|
Mr Twister
@btcentralplus.com
| Don't forget this could also severely degrade your service.. The tech crowd seem to think once Phorm is enabled it will really screw things up for EVERYONE (in or out):
»www.badphorm.co.uk/e107_plugins/···.php?548
Don't like the sound of it one bit... | |
| | 
likitysplit
join:2008-01-14
Flagstaff, AZ
|  I love this thread!
| |
| | | |
|
|
·
